How Nolea Implemented GDPR

Putting Privacy First

At Nolea, we recognise the importance of privacy and data protection as foundational elements of our business operations. We have always adhered to stringent privacy policies that comply with existing laws and uphold data protection principles. Recognising the implications of the GDPR, we have expanded and updated our privacy framework to strengthen our commitment to data security further.

How We Prepared for GDPR

Preparation for GDPR at Nolea involved a thorough assessment of our data handling practices and policies to ensure they meet the stringent requirements of the GDPR. Key steps included:

• Evaluating Data Processes: We analysed how we collect, store, and process data, ensuring all operations are GDPR compliant.

• Updating Agreements and Policies: With assistance from legal experts, we revised our contracts and privacy policies to ensure they are clear and meet GDPR requirements.

• Engagement with Stakeholders: We involved stakeholders in our GDPR readiness journey, ensuring transparency and accountability in our practices.

Expanded Disclosure and Data Subject Rights

Nolea is transparent about the personal data we collect and the purposes for which it is used. We are committed to minimising data collection and only gathering what is necessary for our operations. We respect the rights of data subjects by:

• Informing Data Subjects: We provide clear information on data collection practices directly to data subjects and offer mechanisms for data subjects to control their personal information.

• Enabling Data Control: Data subjects can directly manage their data through our Privacy Centre, allowing easy access to request data deletion, modification, or retrieval.

Privacy by Design

Our product development incorporates privacy from the outset, integrating data protection into the lifecycle of our technology and business practices.

Dedicated Privacy Management

Nolea ensures GDPR compliance through a coordinated team approach. Our compliance team, composed of IT, legal, and operations experts, is responsible for:

• Educating Our Staff: Providing regular data protection training to maintain awareness and ensure best practices.

• Assessing Data Protection Measures: Continuously reviewing and enhancing our security policies and procedures.

• Ensuring Continuous Compliance: Monitoring our data processing activities to guarantee adherence to GDPR standards.

This approach integrates data protection across all levels of our organisation, demonstrating our dedication to maintaining privacy and security.

Global Privacy Training

Understanding the importance of awareness, Nolea has implemented a comprehensive privacy training program for all employees. This program includes initial training upon hiring and regular updates to ensure all team members are informed of the latest data protection standards and practices.